Binary Analysis Tool checks component licenses
Armijn Hemel, lead compliance engineer at gpl-violations.org and CTO at Loohuis Consulting and Shane Coughlan have announced the first public release of their Binary Analysis Tool. With the tool, users can audit and analyse executable code, such as programs and libraries, file systems, or firmware images to check, for example, for GPL violations or for other potential legal issues.
According to the developers, the tool uses the same type of approach, called 'compliance engineering', "that gpl-violations.org applies to discover license issues in consumer electronics". The Binary Analysis Tool works by reading the binary code in firmware formats and comparing it with source code. Users can also build an optional customised knowledge-base. The developers hope that the tool can compliment or even replace manual analysis techniques that are typically used to audit code. However, the tool does not scan binary code at the instruction-level or scan firmware with encryption or DRM protection.
More details about the release, including limitations of the tool and a demonstration video, are available on the project web site. The Binary Analysis Tool is available to download from the project's web site and is released under the Apache license. Documentation is also provided. The project is sponsored by the Linux Foundation, the NLnet Foundation, Opendawn and Loohuis Consulting.
- How the GPL is enforced, a feature from The H.